Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/g1WKIMa3-nGaJwZmiHJNnyi86uk.roa
File: g1WKIMa3-nGaJwZmiHJNnyi86uk.roa (raw, json)
Hash identifier: gQa86MQvungi2U+qlMv0qLAiVtHVnlFiNf5+j28CMT8=
Subject key identifier: 83:55:8A:20:C6:B7:FA:71:9A:27:06:66:88:72:4D:9F:28:BC:EA:E9
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018729D7EBF7F709BC5EDA03A7F6CB39E107
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/g1WKIMa3-nGaJwZmiHJNnyi86uk.roa
Signing time: Tue 28 Mar 2023 20:10:29 +0000
ROA not before: Tue 28 Mar 2023 20:10:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209371
IP address blocks: 84.32.70.0/24 maxlen: 24
88.216.185.0/24 maxlen: 24
88.216.96.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 02 Apr 2023 16:39:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:29:d7:eb:f7:f7:09:bc:5e:da:03:a7:f6:cb:39:e1:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Mar 28 20:10:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=83558a20c6b7fa719a27066688724d9f28bceae9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:5b:cd:56:cc:1e:8b:ce:75:e6:89:b4:b3:f8:
e1:ea:b4:cc:70:5c:a0:df:02:70:a7:02:a9:3a:09:
c3:53:87:66:4c:25:a1:45:fd:35:98:e2:3f:32:03:
81:3e:96:5d:9c:07:f1:cd:ae:7c:22:6e:e0:02:8d:
2a:86:8d:bf:80:91:a4:5e:a5:97:8a:9b:78:74:72:
cd:77:35:61:05:09:cd:4e:2f:7d:81:8f:b5:0f:8f:
d9:76:2e:22:a8:e1:1b:9d:b3:21:ae:b7:5c:cb:ab:
4a:88:54:1a:58:43:58:5b:91:d1:89:78:5d:44:37:
1f:ae:0f:2d:f3:bc:63:11:5b:28:66:fd:01:3e:9d:
d4:be:e4:72:46:5f:07:e8:1b:42:ad:d6:2c:fd:90:
77:62:ef:1e:3d:f9:ed:e1:6c:4d:25:44:9f:1d:c2:
a0:1a:1b:11:d9:95:60:60:56:14:87:89:37:88:1b:
0c:24:62:f2:25:47:40:05:cd:2d:97:37:10:b5:43:
2e:7b:f8:84:3d:a7:84:74:ea:8f:a2:80:a6:da:3a:
2d:1e:78:87:6e:c5:67:a8:d1:34:d0:31:b8:1e:5e:
e7:55:8a:01:50:10:6e:00:3f:c1:29:fa:35:ab:85:
57:10:2b:13:fb:1d:c7:44:61:a0:82:9f:45:c3:f2:
05:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:55:8A:20:C6:B7:FA:71:9A:27:06:66:88:72:4D:9F:28:BC:EA:E9
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/g1WKIMa3-nGaJwZmiHJNnyi86uk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.70.0/24
88.216.96.0/24
88.216.185.0/24
Signature Algorithm: sha256WithRSAEncryption
20:9a:d2:30:64:be:ce:24:6b:05:d2:f3:2b:5e:95:0a:78:ae:
99:d1:4e:34:d5:fe:22:92:ab:12:5b:25:c2:73:29:3c:4b:4d:
46:14:67:9a:36:2d:18:37:02:c2:96:f2:61:d9:6f:39:dc:0c:
75:6b:7b:eb:08:9b:47:f7:cd:22:a3:aa:35:f5:ff:06:be:af:
17:4c:90:b8:1f:a9:13:ff:e7:72:62:d8:f7:27:6f:22:7c:13:
d3:76:35:1b:50:16:ac:90:ea:29:4c:62:f4:d8:aa:cf:05:28:
85:54:13:3f:3a:2f:dc:6c:be:36:01:80:e6:25:10:3f:a5:b5:
e7:85:df:3a:ad:83:a6:03:24:e3:26:a9:04:f9:52:51:6a:98:
e1:f8:c6:12:e3:d0:74:98:b3:50:3a:9b:bd:fb:06:9e:b7:46:
98:90:52:fb:74:f5:a6:7b:6f:45:52:c8:08:5b:c6:96:9b:53:
fb:63:30:f2:cf:28:5f:2f:17:8e:b2:39:4b:c0:be:e8:58:f7:
d8:84:5e:b0:de:12:35:f6:d5:3c:53:d0:18:3a:ec:d0:f9:ee:
16:1e:16:09:63:e9:64:f9:9e:29:24:de:32:5a:3b:2f:b0:99:
8f:a2:fa:53:85:69:a2:8c:51:55:86:46:96:a0:d3:96:00:da:
1c:17:9c:ab
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYcp1+v39wm8XtoDp/bLOeEHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMzI4MjAxMDI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzU1OGEyMGM2YjdmYTcxOWEyNzA2NjY4ODcyNGQ5ZjI4YmNlYWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm1vNVswei8515om0s/jh6rTMcFyg
3wJwpwKpOgnDU4dmTCWhRf01mOI/MgOBPpZdnAfxza58Im7gAo0qho2/gJGkXqWX
ipt4dHLNdzVhBQnNTi99gY+1D4/Zdi4iqOEbnbMhrrdcy6tKiFQaWENYW5HRiXhd
RDcfrg8t87xjEVsoZv0BPp3UvuRyRl8H6BtCrdYs/ZB3Yu8ePfnt4WxNJUSfHcKg
GhsR2ZVgYFYUh4k3iBsMJGLyJUdABc0tlzcQtUMue/iEPaeEdOqPooCm2jotHniH
bsVnqNE00DG4Hl7nVYoBUBBuAD/BKfo1q4VXECsT+x3HRGGggp9Fw/IFZwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFINViiDGt/pxmicGZohyTZ8ovOrpMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvZzFXS0lNYTMtbkdhSndabWlISk5ueWk4NnVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVCBGAwQA
WNhgAwQAWNi5MA0GCSqGSIb3DQEBCwUAA4IBAQAgmtIwZL7OJGsF0vMrXpUKeK6Z
0U401f4ikqsSWyXCcyk8S01GFGeaNi0YNwLClvJh2W853Ax1a3vrCJtH980io6o1
9f8Gvq8XTJC4H6kT/+dyYtj3J28ifBPTdjUbUBaskOopTGL02KrPBSiFVBM/Oi/c
bL42AYDmJRA/pbXnhd86rYOmAyTjJqkE+VJRapjh+MYS49B0mLNQOpu9+waet0aY
kFL7dPWme29FUsgIW8aWm1P7YzDyzyhfLxeOsjlLwL7oWPfYhF6w3hI19tU8U9AY
OuzQ+e4WHhYJY+lk+Z4pJN4yWjsvsJmPovpThWmijFFVhkaWoNOWANocF5yr
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:30 2024 by rpki-client on console-ams.rpki-client.org